Raphaël Pinson raphink

## Talk_Subjects.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              3 stars
            
          
                raphink
                / Talk_Subjects.md
            
            
              Last active
              May 16, 2022 10:08
            
              
                Talk Subjects to be used for CFPs
              
          
    General and Concepts


Declarative Deployments & why it matters


Over the last 30 years, the Configuration Management community has learned that using a declarative approach to resource management is beneficial for both stability and change management. How does this apply to the new paradigm of Kubernetes deployments?


YAML Engineering: why we need a new paradigm


YAML has become the de-facto standard to express resources in many fields linked to DevOps practices. What are YAML's strengths and weaknesses, and what are the other options going forward?


## main.go
package main

import (
  "os"
  "strings"
)

func main() {
  const tmpl := `
USER={{.USER}}

## jwt_hashed_token.argocd.state.hcl
resource "jwt_hashed_token" "argocd" {
    algorithm   = "HS256"
    claims_json = jsonencode(
        {
            iat = 1605854613
            iss = "argocd"
            jti = "d58253cb-82b9-c58f-5ffd-fea1e8b5afc2"
            nbf = 1605854613
            sub = "pipeline"
        }

## hibernate.pp
Augeas {
  lens    => 'Xml.lns',
  incl    => '/home/raphink/bas/puppet/hibernate.cfg.xml',
  context => '/files/home/raphink/bas/puppet/hibernate.cfg.xml/hibernate-configuration/session-factory',
}


$settings = [
    "set property[#attribute/name='hibernate.connection.driver_class']/#text 'org.postgresql.Driver'",

## puppet_file_manipulation_approaches.md

      
              1 file
            
          
              2 forks
            
          
              0 comments
            
          
              3 stars
            
          
                raphink
                / puppet_file_manipulation_approaches.md
            
            
              Last active
              June 4, 2020 16:48
            
          
    File Manipulation Approaches

Full configurations

Static content


Software/script => have you considered packaging it?
binary/large data file => add metadata (git + vcsrepo type, maybe even git-annex or git-lfs?)
Puppet >= 3.7:


## bond.pp
augeas {
  'eth_bond_bond0':
    context => '/files/etc/network/interfaces',
    changes => [
      'defnode bond iface[.="bond0"] ""',
      "set \$bond/post-up[1] 'ip route add 10/8 via ${gw} mtu 8900'",
      "set \$bond/post-up[2] 'ip route add default via ${gw} mtu 1500'",
      'set \$bond/mtu 8900',
      'rm \$bond/gateway',
    ]

## gen_cert_simple.rb
require 'puppet'

Puppet.initialize_settings
host = Puppet::SSL::Host.new()
host.generate
sm = Puppet::SSL::StateMachine.new(waitforcert: 10)
sm.ensure_client_certificate

## Gemfile.rb
source ENV['GEM_SOURCE'] || "https://rubygems.org"

group :development, :test do
  gem 'rake',                                             :require => false
  gem 'puppet-lint',                                      :require => false

  # Other lint plugins (optional)
  gem 'puppet-lint-spaceship_operator_without_tag-check', :require => false
  gem 'puppet-lint-unquoted_string-check',                :require => false
  gem 'puppet-lint-undef_in_function-check',              :require => false

## provider.tf
provider freeipa {
  host = "ipa.example.test" # or set $FREEIPA_HOST
  username = "admin" # or set $FREEIPA_USERNAME
  password = "P@S5sw0rd" # or set $FREEIPA_PASSWORD
  insecure = true
}

## bivac-backup.sh
$ bivac backup ssh_config
Backing up `ssh_config'...
ID: ssh_config
Name: ssh_sshconfig
Mountpoint: /etc/ssh
Backup date: 2019-06-13 09:35:38
Backup status: Success
Logs:

        testInit
	package main

	import (
	"os"
	"strings"
	)

	func main() {
	const tmpl := `
	USER={{.USER}}
	resource "jwt_hashed_token" "argocd" {
	algorithm = "HS256"
	claims_json = jsonencode(
	{
	iat = 1605854613
	iss = "argocd"
	jti = "d58253cb-82b9-c58f-5ffd-fea1e8b5afc2"
	nbf = 1605854613
	sub = "pipeline"
	}
	Augeas {
	lens => 'Xml.lns',
	incl => '/home/raphink/bas/puppet/hibernate.cfg.xml',
	context => '/files/home/raphink/bas/puppet/hibernate.cfg.xml/hibernate-configuration/session-factory',
	}


	$settings = [
	"set property[#attribute/name='hibernate.connection.driver_class']/#text 'org.postgresql.Driver'",
	augeas {
	'eth_bond_bond0':
	context => '/files/etc/network/interfaces',
	changes => [
	'defnode bond iface[.="bond0"] ""',
	"set \$bond/post-up[1] 'ip route add 10/8 via ${gw} mtu 8900'",
	"set \$bond/post-up[2] 'ip route add default via ${gw} mtu 1500'",
	'set \$bond/mtu 8900',
	'rm \$bond/gateway',
	]
	require 'puppet'

	Puppet.initialize_settings
	host = Puppet::SSL::Host.new()
	host.generate
	sm = Puppet::SSL::StateMachine.new(waitforcert: 10)
	sm.ensure_client_certificate
	source ENV['GEM_SOURCE'] \|\| "https://rubygems.org"

	group :development, :test do
	gem 'rake', :require => false
	gem 'puppet-lint', :require => false

	# Other lint plugins (optional)
	gem 'puppet-lint-spaceship_operator_without_tag-check', :require => false
	gem 'puppet-lint-unquoted_string-check', :require => false
	gem 'puppet-lint-undef_in_function-check', :require => false
	provider freeipa {
	host = "ipa.example.test" # or set $FREEIPA_HOST
	username = "admin" # or set $FREEIPA_USERNAME
	password = "P@S5sw0rd" # or set $FREEIPA_PASSWORD
	insecure = true
	}
	$ bivac backup ssh_config
	Backing up `ssh_config'...
	ID: ssh_config
	Name: ssh_sshconfig
	Mountpoint: /etc/ssh
	Backup date: 2019-06-13 09:35:38
	Backup status: Success
	Logs:

	testInit